← Back to Skills Marketplace
148
Downloads
0
Stars
0
Active Installs
7
Versions
Install in OpenClaw
/install mjolnir-shadow
Description
Mjolnir Shadow (雷神之影) — Automated rotating backup system for OpenClaw workspaces. Creates GPG-encrypted, rotating backups of workspace files, configs, and da...
README (SKILL.md)
Mjolnir Shadow (雷神之影) 🌑
Automated rotating backup for OpenClaw workspaces with GPG-encrypted credential storage.
自动轮转备份系统,支持 GPG 加密凭证。
Requirements / 依赖
- bash + curl — most Linux/macOS systems
- Python 3.6+ — for setup wizard
- GPG (gnupg) — for credential encryption (recommended)
- WebDAV server — Nextcloud, ownCloud, Synology, etc.
- Env var (optional):
MJOLNIR_SHADOW_PASS— GPG passphrase for non-interactive cron runs
Quick Start / 快速开始
# 1. Interactive setup (creates encrypted config)
# 1. 交互式配置(创建加密配置)
python3 scripts/setup_backup.py
# 2. Run backup
# 2. 运行备份
bash scripts/backup.sh
# 3. Check status
# 3. 检查状态
cat memory/backup-state.json
How It Works / 工作原理
- Decrypt config via GPG (or read plaintext fallback) / GPG 解密配置
- Collect workspace, configs, strategies, skills into archives / 打包文件
- Upload to WebDAV via
--netrc-file(credentials never in process listings) / 上传到 WebDAV - Rotate — keep N newest, delete oldest (FIFO) / 轮转:保留最新 N 个
- Clean up — all temp files removed on exit / 退出时清理临时文件
Security / 安全
- GPG AES-256 encrypted credential storage / 凭证加密存储
- --netrc-file for all curl calls (backup + restore) — no
-u user:pass/ 所有 curl 调用使用 netrc - HTTPS warning if WebDAV URL is not HTTPS / 非 HTTPS 警告
- Channel auth excluded by default (configurable) / 默认排除通道认证 token
- Temp cleanup via
trap EXIT— netrc + archives removed even on failure / 异常退出也清理 - Secret exclusion —
.gpg,.key,.secret,.envalways excluded / 始终排除密钥文件
What Gets Backed Up / 备份内容
| Component / 组件 | Includes / 包含 | Excludes / 排除 |
|---|---|---|
| Workspace | Memory, docs, scripts | .git, node_modules, venv, .env, secrets/*.gpg |
| Config | openclaw.json, cron/ | Channel auth (default), *.gpg, *.secret |
| Strategies | Strategy files, monitors | venv, pycache |
| Skills | Installed skill packages | node_modules, venv, *.gpg |
Cron / 定时备份
Setup wizard prints the cron command (does not auto-create). Add manually:
配置向导打印 cron 命令(不会自动创建)。手动添加:
# Every 3 days at 03:00 / 每 3 天凌晨 3 点
openclaw cron add --name "🌑 Mjolnir Shadow" \
--schedule "0 3 */3 * *" --tz "Asia/Shanghai" \
--isolated --timeout 300 \
--message "bash /path/to/scripts/backup.sh"
Non-interactive GPG decryption / 非交互式 GPG 解密
For unattended cron runs, use gpg-agent (recommended) or set MJOLNIR_SHADOW_PASS via a secure secret store — do NOT put plaintext passphrases in cron commands or world-readable files.
非交互运行时,推荐使用 gpg-agent,或通过 安全的密钥存储 设置 MJOLNIR_SHADOW_PASS — 不要 在 cron 命令或明文文件中写入密码。
# Recommended: use gpg-agent (pre-cache passphrase)
# 推荐:使用 gpg-agent(预缓存密码)
gpg-connect-agent /bye # ensure agent is running
# Alternative: read from encrypted credential store
# 备选:从加密凭证存储读取
# export MJOLNIR_SHADOW_PASS="$(your-secret-manager get mjolnir-shadow-pass)"
Restore / 恢复
🚀 一键恢复(推荐新手)
# 方式1: 全自动模式 — 带进度条,一键搞定
bash scripts/restore.sh --auto
# 方式2: 独立恢复引导 — 不依赖 OpenClaw,全新系统也能用
bash scripts/restore-kit.sh
--auto 模式会自动完成:解密配置 → 查找最新备份 → 下载 → 解压 → 恢复全部组件 → 重启 OpenClaw。全程进度条显示,小白友好。
restore-kit.sh 是完全独立的脚本,不依赖任何已安装技能。适用于:
- 全新系统重装后恢复
- OpenClaw 还没装的时候
- 从另一台机器 SCP 过来直接运行
# 从另一台机器拷贝过来运行
scp kaixin:/path/to/restore-kit.sh . && bash restore-kit.sh
手动模式(高级用户)
bash scripts/restore.sh --list # List backups / 列出备份
bash scripts/restore.sh --latest # Restore latest (manual) / 恢复最新(手动确认)
bash scripts/restore.sh --file NAME # Restore specific / 恢复指定
手动模式先解压到临时目录,你可以检查后再决定覆盖哪些组件。
Configuration Reference / 配置参考
See references/config-reference.md for all options. / 详见配置参考文档。
Usage Guidance
This skill is coherent with its stated purpose, but take these precautions before installing or running it: 1) Only point backups to a WebDAV server you control and prefer HTTPS (the scripts warn on non-HTTPS but allow it). 2) Protect the GPG passphrase: use gpg-agent or a secure secret store; do not place MJOLNIR_SHADOW_PASS in plaintext cron lines or world-readable files. 3) Review the configuration (config/backup-config.json.gpg once decrypted) to confirm which paths will be backed up — installed skills and workspace files are included by default and may contain unexpected secrets. 4) The restore-kit can install system packages and Node/OpenClaw (may use sudo); run it only on machines you trust and after reading the script. 5) Verify the upstream source and author (GitHub repo link provided) before trusting automated restore actions. 6) If you need stricter control, run backup/restore manually or run in an isolated environment and consider disabling autonomous skill invocation if you don't want the agent to call it without supervision.
Capability Assessment
Purpose & Capability
Name/description promise (rotating, GPG-encrypted backups of OpenClaw workspace to WebDAV) aligns with the scripts and SKILL.md: setup wizard, backup.sh, restore.sh and restore-kit.sh implement the described functionality and request only WebDAV credentials and optional GPG passphrase. No unrelated credentials or services are required.
Instruction Scope
Runtime instructions and scripts operate on the OpenClaw workspace and config (including installed skills) and upload archives to a WebDAV target — this is expected for a backup tool. The scripts attempt to exclude common sensitive files (*.gpg, .env, channel tokens) but they still pack entire workspace and skill directories; if secrets exist in unusual paths they could be included. The restore-kit also auto-installs system dependencies and OpenClaw when run on a bare machine (explicit in SKILL.md).
Install Mechanism
There is no formal install spec; the package is instruction + script based. The restore-kit may download system packages and Node.js from NodeSource/nodejs.org and uses apt/brew/npm as needed — these are common sources and consistent with a full restore workflow. The scripts do perform network downloads and may request sudo for system installs during restore (documented).
Credentials
No forced environment variables or external credentials are declared beyond the optional MJOLNIR_SHADOW_PASS. The skill legitimately needs WebDAV credentials (stored in a local encrypted config) and optional GPG passphrase for non-interactive runs — these are proportionate to the backup/restore purpose.
Persistence & Privilege
The skill is not force-included (always: false) and uses normal agent invocation. It does not attempt to modify other skills' configs beyond restoring files into the OpenClaw workspace (expected for a restore). The restore-kit can install system software (apt/npm/brew, write to /usr/local) which requires elevated privileges — this is normal for a bare‑metal restore but worth noting.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mjolnir-shadow - After installation, invoke the skill by name or use
/mjolnir-shadow - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.0
v2.0: 三平台全覆盖 (Win11/macOS/Ubuntu), restore-kit 裸机一键恢复
v1.2.3
Fix metadata format (clawdbot JSON), remove plaintext passphrase from cron examples, recommend gpg-agent/secret store
v1.2.2
Fix metadata: declare required binaries (bash/curl/python3/gpg), add homepage URL, declare optional env var MJOLNIR_SHADOW_PASS. Resolves ClawdHub security scan findings.
v1.2.1
🔒 Fix last curl -u in setup connection test, now zero instances of credential exposure in process listings
v1.2.0
🔒 Fix all security scan findings: restore.sh netrc auth, declared requirements (bash/curl/Python3/gpg/MJOLNIR_SHADOW_PASS), consistent credential handling, bilingual docs
v1.1.0
🔒 Security hardening: GPG encrypted credentials, netrc auth, HTTPS check, channel auth exclusion, bilingual docs
v1.0.0
🌑 Initial release - Automated rotating backup system for OpenClaw workspaces
Metadata
Frequently Asked Questions
What is 雷神之影 Mjolnir Shadow?
Mjolnir Shadow (雷神之影) — Automated rotating backup system for OpenClaw workspaces. Creates GPG-encrypted, rotating backups of workspace files, configs, and da... It is an AI Agent Skill for Claude Code / OpenClaw, with 148 downloads so far.
How do I install 雷神之影 Mjolnir Shadow?
Run "/install mjolnir-shadow" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 雷神之影 Mjolnir Shadow free?
Yes, 雷神之影 Mjolnir Shadow is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 雷神之影 Mjolnir Shadow support?
雷神之影 Mjolnir Shadow is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 雷神之影 Mjolnir Shadow?
It is built and maintained by king6381 (@king6381); the current version is v2.0.0.
More Skills